<?php
	class api_pos_auth extends core{
		private $table_pos_auth='nfbm_pos_auth';
		private $table_token='nfbm_token';
		private $table_city='nfbm_city_area';
		private $table_shop='nfbm_shop';//商铺表

		/**
		* 添加或者修改商铺
		* @author xiezhihui 2014-5-29 16:53:32
		* @param mixed $data
		* @return mysql对象
		*/
		public function shop_ins_up($data){
			if(!$data){
				return false;
			}
			if(!$data['id']){
				return $this->set_db($this->table_shop,$data);
			}
			return $this->set_db($this->table_shop,$data,false,'id='.$data['id']);

		}
		/**
		* 根据id获取商铺详细
		*
		* @param mixed $id
		* @param mixed $data
		* @return mysql对象
		*/
		public function get_shop_info($id,$data=array()){
			$sql="SELECT * FROM {$this->table_shop} WHERE id='{$id}' limit 1";
			return $this->_mysql()->findone($sql);
		}
		/**
		* 获取商铺列表
		* @author xiezhihui 2014-5-29 17:22:14
		* @param mixed $data
		* @param mixed $page
		* @param mixed $pagesize
		* @return mysql对象
		*/
		public function shop_list($data,$page=1,$pagesize=10){
			$sql="SELECT a.*,c.city_name FROM {$this->table_shop} as a,{$this->table_city} as c WHERE a.area=c.id ";

			$sql_cond='';

			if($data['state']){
				$sql_cond.=" and a.state='{$data['state']}'";
			}
			if($data['title']){
				$sql_cond.=" and a.name like '%{$data['title']}%'";
			}

			//城市处理 该顺序不能乱
			$sql_city="";
			if($data['province']){
				$sql_city=" and a.area like '".substr($data['province'],0,2).'____'."'";
			}
			if($data['city']){
				$zx_city=$data['zx_city'];
				$sql_city=" and a.area like '".( (in_array( substr($data['city'],0,2).'0000',$zx_city )?substr($data['city'],0,2).'____':substr($data['city'],0,4).'__') )."'";
			}
			if($data['area']){
				$sql_city=" and a.area like '".$data['area']."'";
			}
			$sql.=$sql_cond.$sql_city;


			
			$sql_count="SELECT count(a.id) as count FROM {$this->table_shop} as a,{$this->table_city} as c WHERE a.area=c.id {$sql_cond}{$sql_city} limit 1";

			$count = $this->_mysql(0)->findone($sql_count);

			$res = $this->_mysql(0)->findlimit($sql,$page,$pagesize,$count['count']);
			return $res;
		}
		/**
		* 收银机登录验证
		* @author xiezhihui 14-04-08 04:17
		*
		* @param mixed $clientid
		* @param mixed $pwd
		* @return mysql对象
		*/
		public function check_pos_login($clientid,$pwd){
			if(!$clientid || !$pwd){
				return false;
			}
			$sql="SELECT * FROM {$this->table_pos_auth} WHERE client_id='{$clientid}' and password='{$pwd}' limit 1";
			return $this->_mysql(0)->findone($sql);
		}
		/**
		* 更新收银机登录key
		*
		* @param mixed $id
		* @param mixed $data
		* @return mysql对象
		*/
		public function check_pos_update($id,$data){
			if(!$id || !$data){
				return false;
			}

			return $this->set_db($this->table_pos_auth,$data,false,'id='.$id);
		}
		/**
		* 检查收银机的登录key 存在返回该收银机信息 否则return false
		* @author xiezhihui 14-04-09 10:48
		* @param mixed $clientkey
		* @return mysql对象
		*/
		public function check_pos_clientkey($clientkey){
			if(!$clientkey){
				return false;
			}
			$sql="SELECT a.*,b.name,b.area as area FROM {$this->table_pos_auth} as a,{$this->table_shop} as b WHERE a.shop_id=b.id and a.loginkey='{$clientkey}' and a.state=1 limit 1";
			$res = $this->_mysql(0)->findone($sql);
			if($res['loginkey']!=$clientkey){
				return false;
			}
			if($res['expire']<time() && $res['expire']!=false){ //登录超时
				return false;
			}
			return $res;
		}
		/**
		* 检查收银机的唯一
		*
		* @param mixed $clientkey
		* @return mysql对象
		*/
		public function unique_pos($clientid){
			$sql="SELECT * FROM {$this->table_pos_auth} WHERE client_id='{$clientid}' limit 1";
			$res = $this->_mysql(0)->findone($sql);
			return $res;
		}
		/**
		* 添加一个收银机
		*
		* @param mixed $data
		* @return mysql对象
		*/
		public function add_pos($data){
			if(!$data){
				return false;
			}
			return $this->set_db($this->table_pos_auth,$data);
		}
		/**
		* 修改一个收银机
		*
		* @param mixed $data
		* @return mysql对象
		*/
		public function edit_pos($id,$data){
			if(!$id){
				return false;
			}
			return $this->set_db($this->table_pos_auth,$data,false,'id='.$id);
		}
		/**
		* 收银机列表
		*
		* @param mixed $data
		* @param mixed $page
		* @param mixed $pagesize
		* @return mysql对象
		*/
		public function get_pos_list($data,$page=1,$pagesize=10){

			//$sql="SELECT a.*,b.city_name,b.id as city_id FROM {$this->table_pos_auth} as a Left Join {$this->table_city} as b On a.area=b.id WHERE 1";
			$sql="SELECT a.*,b.city_name,b.id as city_id FROM {$this->table_pos_auth} as a Left Join {$this->table_shop} as c On a.shop_id=c.id Left Join {$this->table_city} as b On c.area=b.id WHERE 1";
			$sql_cond='';

			if($data['state']){
				$sql_cond.=" and a.state='{$data['state']}'";
			}
			if($data['title']){
				$sql_cond.=" and a.client_id='{$data['title']}'";
			}
			if($data['shop_id']){
				$sql_cond.=" and a.shop_id={$data['shop_id']}";
			}

			//城市处理 该顺序不能乱
			$sql_city="";
			if($data['province']){
				$sql_city=" and a.area like '".substr($data['province'],0,2).'____'."'";
			}
			if($data['city']){
				$zx_city=$data['zx_city'];
				$sql_city=" and a.area like '".( (in_array( substr($data['city'],0,2).'0000',$zx_city )?substr($data['city'],0,2).'____':substr($data['city'],0,4).'__') )."'";
			}
			if($data['area']){
				$sql_city=" and a.area like '".$data['area']."'";
			}
			$sql.=$sql_cond.$sql_city;
			$sql_count="SELECT count(a.id) as count FROM {$this->table_pos_auth} as a Left Join {$this->table_shop} as c On a.shop_id=c.id Left Join {$this->table_city} as b On c.area=b.id WHERE 1 {$sql_cond}{$sql_city} limit 1";
			$count = $this->_mysql(0)->findone($sql_count);
			$res = $this->_mysql(0)->findlimit($sql,$page,$pagesize,$count['count']);
			return $res;
		}
		/**
		* 获取收银机单条记录
		*
		* @param mixed $id
		* @param mixed $data
		* @return mysql对象
		*/
		public function get_pos_info($id,$data=array()){
			if(!$id || !is_numeric($id)){
				return false;
			}
			$sql="SELECT * FROM {$this->table_pos_auth} WHERE id={$id} limit 1";
			return $this->_mysql(0)->findone($sql);
		}
		/**
		* 创建或者更新接口令牌
		*
		* @param mixed $sign 参数签名
		* @return mysql对象
		*/
		public function create_token($data){
			$sql="SELECT * FROM {$this->table_token} WHERE clientkey='{$data['clientkey']}' limit 1";
			$data['create_time']=time();
			$res = $this->_mysql(0)->findone($sql);
			if($res['clientkey']){
				return $this->set_db($this->table_token,$data,false,"clientkey='{$data['clientkey']}'");
			}
			return  $this->set_db($this->table_token,$data);
		}
		/**
		* 获取接口令牌
		*
		* @param int $data
		* @return mysql对象
		*/
		public function get_token($clientkey){
			if(!$clientkey){
				return false;
			}
			$sql="SELECT * FROM {$this->table_token} WHERE clientkey='{$clientkey}' limit 1";

			$res = $this->_mysql(0)->findone($sql);


			return $res;
		}
		/**
		* 服务端url 自动签名认证 自动防止重复提交
		* @author xiezhihui 14-04-16 02:23
		* @param mixed &$_GET
		* @return string
		*/
		public function url_sign_auth($_GET){
			$tokenval = request('tokenval',false,false,false,'tokenval');//令牌val默认为time()
			$client_sign=$_GET['sign'];//必须在$sign之前 客户端参数加密码

			ksort($_GET);
			unset($_GET['sign']);
			$sign = md5( urldecode(http_build_query($_GET)) );
			if($sign != $client_sign){ //参数签名不合法
				api_echo_json(array('code'=>205));
			}
			$token=$this->get_token($_GET['clientkey']);

			if($sign == $token['sign'] && $tokenval==$token['token']){
				api_echo_json(array('code'=>206));
			}
			$s = $this->create_token(array('clientkey'=>$_GET['clientkey'],'sign'=>$sign,'token'=>$tokenval));
			//return array('sign'=>$sign,'token'=>$tokenval);
			return $s;
		}
	}
?>
